{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,4]],"date-time":"2026-02-04T14:36:14Z","timestamp":1770215774106,"version":"3.49.0"},"reference-count":36,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2008,2,5]],"date-time":"2008-02-05T00:00:00Z","timestamp":1202169600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["J Comput Virol"],"published-print":{"date-parts":[[2008,11]]},"DOI":"10.1007\/s11416-008-0082-4","type":"journal-article","created":{"date-parts":[[2008,2,4]],"date-time":"2008-02-04T05:26:33Z","timestamp":1202102793000},"page":"323-334","source":"Crossref","is-referenced-by-count":144,"title":["An intelligent PE-malware detection system based on association mining"],"prefix":"10.1007","volume":"4","author":[{"given":"Yanfang","family":"Ye","sequence":"first","affiliation":[]},{"given":"Dingding","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Tao","family":"Li","sequence":"additional","affiliation":[]},{"given":"Dongyi","family":"Ye","sequence":"additional","affiliation":[]},{"given":"Qingshan","family":"Jiang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2008,2,5]]},"reference":[{"key":"82_CR1","doi-asserted-by":"crossref","unstructured":"Adleman, L.: An abstract theory of computer viruses (invited talk). In: CRYPTO \u201988: Proceedings on Advances in Cryptology, pp. 354\u2013374, New York, NY, USA. Springer, New York (1990)","DOI":"10.1007\/0-387-34799-2_28"},{"key":"82_CR2","doi-asserted-by":"crossref","unstructured":"Agrawal, R., Imielinski, T.: Mining association rules between sets of items in large databases. In: Proceedings of SIGMOD (1993)","DOI":"10.1145\/170035.170072"},{"key":"82_CR3","unstructured":"Agrawal, R., Srikant, R.: Fast algorithms for association rule mining. In: Proceedings of VLDB-94 (1994)"},{"key":"82_CR4","doi-asserted-by":"crossref","unstructured":"Cheng, H., Yan, X., Han, J., Hsu, C.: Discriminative frequenct pattern analysis for effective classification. In: Proceedings of IEEE 23rd International Conference on Data Engineering (ICDE-07) (2007)","DOI":"10.1109\/ICDE.2007.367917"},{"key":"82_CR5","unstructured":"Christodorescu, M., Jha, S.: Static analysis of executables to detect malicious patterns. In: Proceedings of the 12th USENIX Security Symposium (2003)"},{"key":"82_CR6","first-page":"1216","volume":"40","author":"M. Fan","year":"2003","unstructured":"Fan M. and Li C. (2003). Mining frequent patterns in an fp-tree without conditional fp-tree generation. J. Comput. Res. Dev. 40: 1216\u20131222","journal-title":"J. Comput. Res. Dev."},{"key":"82_CR7","volume-title":"Computer Viruses: from Theory to Applications","author":"E. Filiol","year":"2005","unstructured":"Filiol E. (2005). Computer Viruses: from Theory to Applications. Springer, Heidelberg"},{"issue":"1","key":"82_CR8","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1007\/s11416-006-0009-x","volume":"2","author":"E. Filiol","year":"2006","unstructured":"Filiol E. (2006). Malware pattern scanning schemes secure against black-box analysis. J. Comput. Virol. 2(1): 35\u201350","journal-title":"J. Comput. Virol."},{"issue":"1","key":"82_CR9","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1007\/s11416-006-0026-9","volume":"3","author":"E. Filiol","year":"2007","unstructured":"Filiol E., Jacob G. and Liard M.L. (2007). Evaluation methodology and theoretical model for antiviral behavioural detection strategies. J. Comput. Virol. 3(1): 27\u201337","journal-title":"J. Comput. Virol."},{"key":"82_CR10","volume-title":"Data Mining: Concepts and Techniques","author":"J. Han","year":"2006","unstructured":"Han J. and Kamber M. (2006). Data Mining: Concepts and Techniques, 2nd edn. Morgan Kaufmann, San Francisco","edition":"2"},{"key":"82_CR11","doi-asserted-by":"crossref","unstructured":"Han, J., Pei, J., Yin, Y.: Mining frequent patterns without candidate generation. In: Proceedings of SIGMOD, pp. 1\u201312, May (2000)","DOI":"10.1145\/342009.335372"},{"key":"82_CR12","doi-asserted-by":"crossref","first-page":"415","DOI":"10.1109\/72.991427","volume":"13","author":"C. Hsu","year":"2002","unstructured":"Hsu C. and Lin C. (2002). A comparison of methods for multiclass support vector machines. IEEE Trans. Neural Netw. 13: 415\u2013425","journal-title":"IEEE Trans. Neural Netw."},{"key":"82_CR13","doi-asserted-by":"crossref","first-page":"4","DOI":"10.1109\/34.824819","volume":"22","author":"A. Jain","year":"2000","unstructured":"Jain A., Duin R. and Mao J. (2000). Statistical pattern recognition: A review. IEEE Trans. Pattern Anal. Mach. Intell. 22: 4\u201337","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."},{"key":"82_CR14","doi-asserted-by":"crossref","unstructured":"Kephart, J., Arnold, W.: Automatic extraction of computer virus signatures. In: Proceedings of 4th Virus Bulletin International Conference, pp. 178\u2013184 (1994)","DOI":"10.1016\/0142-0496(94)90045-0"},{"key":"82_CR15","doi-asserted-by":"crossref","unstructured":"Kolter, J., Maloof, M.: Learning to detect malicious executables in the wild. In: Proceedings of KDD\u201904 (2004)","DOI":"10.1145\/1014052.1014105"},{"key":"82_CR16","doi-asserted-by":"crossref","first-page":"1667","DOI":"10.1109\/TPAMI.2002.1114861","volume":"24","author":"N. Kwak","year":"2002","unstructured":"Kwak N. and Choi C. (2002). Input feature selection by mutual information based on parzen window. IEEE Trans. Pattern Anal. Mach. Intell. 24: 1667\u20131671","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."},{"key":"82_CR17","doi-asserted-by":"crossref","unstructured":"Langley, P.: Selection of relevant features in machine learning. In: Proceedings of AAAI Fall Symposium (1994)","DOI":"10.21236\/ADA292575"},{"key":"82_CR18","unstructured":"Lee, T., Mody, J.: Behavioral classification. In: Proceedings of 2006 EICAR Conference (2006)"},{"key":"82_CR19","unstructured":"Liu, B., Hsu, W., Ma, Y.: Integreting classification and association rule mining. In: Proceedings of KDD\u201998 (1998)"},{"key":"82_CR20","doi-asserted-by":"crossref","first-page":"541","DOI":"10.1016\/0167-4048(95)00012-W","volume":"14","author":"R. Lo","year":"1995","unstructured":"Lo R., Levitt K. and Olsson R. (1995). Mcf: A malicious code filter. Comput. Secur. 14: 541\u2013566","journal-title":"Comput. Secur."},{"issue":"5","key":"82_CR21","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1109\/52.877857","volume":"17","author":"G. McGraw","year":"2002","unstructured":"McGraw G. and Morrisett G. (2002). Attacking malicious code: report to the infosec research council. IEEE Softw. 17(5): 33\u201341","journal-title":"IEEE Softw."},{"key":"82_CR22","doi-asserted-by":"crossref","unstructured":"Peng, H., Long, F., Ding, C.: Feature selection based on mutual information: Criteria of max-dependency, max-relevance, and min-redundancy. IEEE Trans. Pattern Anal. Mach. Intell. 27 (2005)","DOI":"10.1109\/TPAMI.2005.159"},{"key":"82_CR23","doi-asserted-by":"crossref","unstructured":"Rabek, J., Khazan, R., Lewandowski, S., Cunningham, R.: Detection of injected, dynamically generated, and obfuscated malicious code. In: Proceedings of the 2003 ACM Workshop on Rapid Malcode, pp. 76\u201382 (2003)","DOI":"10.1145\/948187.948201"},{"key":"82_CR24","doi-asserted-by":"crossref","unstructured":"Schultz, M., Eskin, E., Zadok, E.: Data mining methods for detection of new malicious executables. In: Security and Privacy, 2001 Proceedings. 2001 IEEE Symposium on 14\u201316 May, pp. 38\u201349 (2001)","DOI":"10.1109\/SECPRI.2001.924286"},{"key":"82_CR25","unstructured":"Shen, Y., Yang, Q., Zhang, Z.: Objective-oriented utility-based association mining. In: Proceedings of IEEE International Conference on Data Mining (2002)"},{"key":"82_CR26","doi-asserted-by":"crossref","unstructured":"Sung, A., Xu, J., Chavez, P., Mukkamala, S.: Static analyzer of vicious executables (save). In: Proceedings of the 20th Annual Computer Security Applications Conference (2004)","DOI":"10.1109\/CSAC.2004.37"},{"key":"82_CR27","volume-title":"Evaluation of Diagnostic System: Methods from Signal Detection Theory","author":"J. Swets","year":"1982","unstructured":"Swets J. and Pickett R. (1982). Evaluation of Diagnostic System: Methods from Signal Detection Theory. Academic Press, New York"},{"key":"82_CR28","volume-title":"Introduction to Data Mining","author":"P. Tan","year":"2005","unstructured":"Tan P., Steinbach M. and Kumar V. (2005). Introduction to Data Mining. Addison Wesley, Reading"},{"key":"82_CR29","volume-title":"The Nature of Statistical Learning Theory","author":"V. Vapnik","year":"1999","unstructured":"Vapnik V. (1999). The Nature of Statistical Learning Theory. Springer, Heidelberg"},{"key":"82_CR30","unstructured":"Wang, J., Deng, P., Fan, Y., Jaw, L., Liu, Y.: Virus detection using data mining techniques. In: Proceedings of IEEE International Conference on Data Mining (2003)"},{"key":"82_CR31","volume-title":"Data Mining: Practical Machine Learning Tools with Java Implementations","author":"H. Witten","year":"2005","unstructured":"Witten H. and Frank E. (2005). Data Mining: Practical Machine Learning Tools with Java Implementations. Morgan Kaufmann, San Francisco"},{"key":"82_CR32","unstructured":"Xu, J., Sung, A., Chavez, P., Mukkamala, S.: Polymorphic malicous executable sanner by api sequence analysis. In: Proceedings of the International Conference on Hybrid Intelligent Systems (2004)"},{"key":"82_CR33","doi-asserted-by":"crossref","unstructured":"Ye, Y., Wang, D., Li, T., Ye, D.: IMDS: Intelligent malware detection system. In: Proccedings of ACM International Conference on Knowlege Discovery and Data Mining (SIGKDD 2007) (2007)","DOI":"10.1145\/1281192.1281308"},{"key":"82_CR34","doi-asserted-by":"crossref","unstructured":"Yin, X., Han, J.: Cpar: Classification based on predictive association rules. In: Proceedings of 3rd SIAM International Conference on Data Mining (SDM\u201903), May (2003)","DOI":"10.1137\/1.9781611972733.40"},{"issue":"6","key":"82_CR35","doi-asserted-by":"crossref","first-page":"627","DOI":"10.1093\/comjnl\/47.6.627","volume":"47","author":"Z. Zuo","year":"2004","unstructured":"Zuo Z. and Tian Zhou M. (2004). Some further theoretical results about computer viruses. Comput. J. 47(6): 627\u2013633","journal-title":"Comput. J."},{"issue":"8","key":"82_CR36","doi-asserted-by":"crossref","first-page":"2962","DOI":"10.1109\/TIT.2005.851780","volume":"51","author":"Z. Zuo","year":"2005","unstructured":"Zuo Z., Zhu Q.-x. and Zhou M.-t. (2005). On the time complexity of computer viruses. IEEE Trans. Inf. Theory 51(8): 2962\u20132966","journal-title":"IEEE Trans. Inf. Theory"}],"container-title":["Journal in Computer Virology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-008-0082-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11416-008-0082-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-008-0082-4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,1]],"date-time":"2019-06-01T10:45:42Z","timestamp":1559385942000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11416-008-0082-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008,2,5]]},"references-count":36,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2008,11]]}},"alternative-id":["82"],"URL":"https:\/\/doi.org\/10.1007\/s11416-008-0082-4","relation":{},"ISSN":["1772-9890","1772-9904"],"issn-type":[{"value":"1772-9890","type":"print"},{"value":"1772-9904","type":"electronic"}],"subject":[],"published":{"date-parts":[[2008,2,5]]}}}